Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam. If you have any thoughts for how we can improve the content on these pages, please take a moment to provide some
Most users typically encounter malicious threats as they use their computer to engage in online activities. Symantec is constantly monitoring the threat landscape where our users are likely to spend most of their time online.
The Internet Threat Meter provides a quick visual indicator of how likely each common online activities is likely to encounter some form of threat from a malicious attacker.
Hover over each activity for a short explanation of the current risk level
Click on an activity to visit a page with more detail on that activity and the risk level
Malicious code and fraudulent messages often circulate via email. Never open unsolicited attachments or hyperlinks, and always verify the source of any messages that ask you for sensitive information.
Although no widespread attacks are currently targeting web users, take normal precautions while viewing sites because of ongoing threats such as script-based attacks and phishing attacks that use fake sites.
Currently there are no widespread outbreaks of malicious code circulating via instant messaging. In the past, however, some malicious code did take advantage of IM. Always use normal security precautions whenever you use IM.
Although attackers often use this medium to distribute trojan applications and malicious code, no high-profile threats are currently affecting the medium. Always use caution when downloading files, especially from sources you don’t know or trust.
Symantec Security Response @ Thu, 24 May 2012 12:12:33
Analysis by: Hiroshi Shinotsuka Recent malware campaigns that used Tibet-related issues as bait have been well ...
Nick Johnston @ Fri, 18 May 2012 14:21:44
Today sees the highly-anticipated IPO (Initial Public Offering) of the social-networking site Facebook. The IPO is ...
Trojan.Zeroaccess is a Trojan horse that uses an advanced rootkit to hide itself. It is often installed through drive-by-download attacks from sites hosting the Blackhole exploit kit. The Trojan can also create an encrypted, hidden file system, download more malware, and open a back door on the compromised computer.
The Trojan is called ZeroAccess due to a string found in the kernel driver code that is pointing to the original project folder called ZeroAccess. It is also known as max++ as it creates a new kernel device object called __max++>.
More information on Trojan.Zeroaccess is available in the Trojan.Zeroaccess writeup.
Videos
Security Response clips about malware and its effects
How They Attack
Over the last 18 months, an ominous change has swept across the Internet. The tools driving the new attacks and fueling the blackmarket are crimeware - bots, Trojan horses, and spyware.
How does cybercrime affect people? Check out these real-world examples. To avoid becoming a victim of cybercrime, learn the basics of online protection.
